1. Field of the Invention
The present invention relates to encryption circuitry. More particularly, the present invention relates to encryption circuitry enabled by comparing an operating spectral signature to an initial spectral signature.
2. Description of the Prior Art
Cryptosystems are typically secure as long as attackers cannot discover the secret keys used to encrypt and decrypt messages. Attackers use various cryptanalysis techniques to analyze a cryptosystem in an attempt to discover the secret keys, where the difficulty in discovering the secret keys generally depends on the amount of information available. The cryptosystem typically employs a public encryption algorithm (such as RSA, DES, etc.), therefore an attacker typically knows the encryption algorithm and has access to ciphertext (encrypted text). However, it is usually very difficult to discover the secret keys with this information alone because an attacker typically needs to perform various operations on the ciphertext with respect to the original plaintext (unencrypted text). A known cryptanalysis technique includes monitoring a cryptosystem to capture plaintext before it is encrypted so that it can be analyzed together with the ciphertext. Another cryptanalysis technique includes performing a chosen plaintext attack by choosing the plaintext that is to be encrypted so as to expose vulnerabilities of a cryptosystem because the attacker can deliberately pick patterns helpful to analysis contributing to discovering the secret keys. This type of an attack can be defended against by requiring the individual clients accessing the cryptosystem to be authenticated. However, an attacker with direct access to a cryptosystem may attempt to circumvent such a requirement by tampering with the cryptosystem. Examples of tampering include inspecting, altering or replacing a component of the cryptosystem in order to force the encryption operation.
There is, therefore, a need to validate a cryptosystem before enabling an encryption operation so as to protect the encryption keys from chosen plain text attacks.
The present invention may be regarded as a device comprising encryption circuitry for encrypting plaintext data into ciphertext data. A memory stores an initial spectral signature representing an initial spectral characteristic of the device, and a signal generator for generating an operating spectral signature representing an operating spectral characteristic of the device. A comparator compares the operating spectral signature to the initial spectral signature and enables the encryption circuitry if the operating spectral characteristic substantially matches the initial spectral characteristic.
The present invention may also be regarded as a method of enabling encryption circuitry within a device, the encryption circuitry for encrypting plaintext data into ciphertext data. The method comprises the steps of storing in a memory an initial spectral signature representing an initial spectral characteristic of the device and generating an operating spectral signature representing an operating spectral characteristic of the device. The operating spectral signature is compared to the initial spectral signature, and the encryption circuitry is enabled if the operating spectral characteristic substantially matches the initial spectral characteristic.